Articles about Security

Cloud application security suite protects against DDoS and other attacks

cloud security

Moving business applications to the cloud doesn't remove the need for securing them, in fact it potentially makes them more vulnerable.

Cloud application delivery service Instart Logic has announced a new Security Suite offering customers multi-layered protection against DDoS attacks and other cybersecurity threats.

Continue reading

Companies add more physical security to combat BYOD risks

photo by Slavoljub Pantelic, Shutterstock

According to a new survey carried out for security device specialist Kensington, 73 percent of executives recognize that BYOD presents greater risks for the organization.

However, 59 percent still approve the use of personal devices for business use and to address concerns 55 percent are planning to invest more in physical security.

Continue reading

Security breach reveals personal details of USPS employees and customers

Security breach reveals personal details of USPS employees and customers

The latest high-profile security breach has exposed the personal details of hundreds of thousand of USPS workers, as well as customers. The attack, which is suspected to originate from China, took place in the middle of September, but details are only just emerging. An investigation by the FBI started straight away and is still on-going.

USPS says that employee information such as "names, dates of birth, Social Security numbers, addresses, beginning and end dates of employment, emergency contact information" was compromised. The security breach also affects customers as call center data was obtained by the attackers, including "names, addresses, telephone numbers, email addresses".

Continue reading

US government's top security contractor took months to notice it had been hacked


The US government's leading security clearance contractor has been the victim of a cyber-attack that took months to even be noticed, according to recent reports. USIS, which specializes in "providing information and security services to government agencies and commercial enterprises", has come under fire for failing to spot the potentially harmful infiltration into its computer systems.

The breach, which was first revealed by the company and government agencies in August, is said to have compromised the personal records of at least 25,000 employees at the Homeland Security Department, and is reported to have cost the company hundreds of millions of dollars in lost government contracts.

Continue reading

Darkhotel steals data from traveling executives

Hotel wi-fi business

Darkhotel sounds like it ought to be one of those budget hotel chains you find on the outskirts of towns -- possibly one built without windows to keep costs down.

In fact researchers at Kaspersky Lab have revealed that it's an espionage campaign, which has been operating for almost a decade, that steals sensitive data from corporate executives traveling abroad.

Continue reading

Fileless malware runs entirely from memory to make detection harder

hacker malware

Traditional malware infections usually require a file object to be placed on the system which makes it relatively easy for them to be detected and removed.

Now though there’s a stealthier threat uncovered by security company Malwarebytes. Poweliks is an infection that runs without a filesystem object, completely from the registry and memory using rundll32.exe, javascript and a create on-the-fly dll.

Continue reading

Federal government websites violated the privacy of people looking for AIDS information

Federal government websites violated the privacy of people looking for AIDS information

Government websites set to help people gain access to information about AIDS have been leaking the data about its users. Anyone visiting and making use of the search box will probably be concerned to learn that, until the end of last month, data was transmitted in unencrypted form. The Washington Post points out that this data could be very easily intercepted and used to identify an individual.

We know that web users are more concerned about privacy than ever before -- and little wonder when authorities say that privacy is not a right. We know that there are various ways in which web activity can be monitored, but it seems that the smartphone app associated with included this feature as standard -- the app collected and transmitted the latitude and longitude of users, again unencrypted.

Continue reading

Twitter teams up with Women, Action & the Media to fight online harassment

Twitter teams up with Women, Action & the Media to fight online harassment

Social networks have long been a domain for trolls, but in more recent times there has been an increasing problem with harassment of women. There have been a number of high-profile cases recently, including #gamergate, where women have found themselves targets of vicious attacks online. Women, Action & the Media (WAM!) is a US non-profit whose aimed is to fight for gender equality in the media, and its latest project involves collaborating with Twitter to help fight harassment and abuse.

The project's aim is to better understand how online persecution can be tackled. WAM! explains that "women of color, queer women, trans women, fat women, and other oppressed groups of women are especially targeted and abused", but the Twitter collaboration is design to help any Twitter users experiencing "gendered harassment".

Continue reading

Privacy battle on the horizon


The new internet protocol known as Multipath Transmission Control Protocol enables easy privacy invasion, but also secures today’s networks.

On the internet, your traffic is not your own -- no matter how you roam. New multipath technologies, including one found hidden dormant in the internals of the newest Mac operating system, OS X 10.10 Yosemite, may provide consumers with more tools to gain control of their online communications. However, this freedom comes at a price, which network operators may not be willing to pay.

Continue reading

Law enforcement agencies swoop on dark net, closing Silk Road 2.0 and other sites

Law enforcement agencies swoop on dark net, closing Silk Road 2.0 and other sites

As concerns about online surveillance mount, more and more people are seeking ways to protect their identities and disguise their online activities. Services such as Tor are increasingly popular as surfers look for ways to maintain their privacy. Facebook even recently got in on the act, providing users concerned about their privacy with a secure .onion address through which to access the site.

While the likes of Tor are often turned to as a means of bolstering security and privacy, there is also a darker side -- the dark net, the dark web -- which is used for more nefarious activities. One site that rose to notoriety was Silk Road, an anonymous online marketplace where just about anything could be bought. Last year, the FBI closed the service, but Silk Road 2.0 soon sprang up out of the ashes. This has now also come to an end as the FBI once again shut down the marketplace with the help of Europol and Eurojust in a coordinated clampdown on the darker side of the web.

Continue reading

Wiper makes conversations more secure, offers on-demand chat deletion


Today, there is a messaging service for just about anything and anyone. The core features are pretty much the same across the board, however. Where they differ is mostly in the way those features are implemented. For instance, you can chat with others using any messaging app, but not all offer encrypted conversations or delete your messages after they're received. The devil is in the details, as always.

Despite all the different options available today, there is still room for new messaging services to make their mark. Wiper is among the new up and coming players, with its main highlights being the option to delete conversations everywhere, on-demand, and provide secure HD video chats.

Continue reading

Brace yourself for a bumper Patch Tuesday say experts

Patch download

Next week's round of Patch Tuesday updates from Microsoft is set to be the biggest so far this year with 16 bulletins in total, five of which are rated Critical and nine as Important.

Most of the Critical bulletins are for Windows components and affect a range of supported systems. Karl Sigler, Threat Intelligence Manager at Trustwave says, "If you are currently running a supported version of Windows, you will want to update as soon as these updates become available. These are some of the nastier vulnerabilities we've seen in Windows in a while".

Continue reading

Want to stay safe from WireLurker malware on iOS, OS X? Don't use shady app stores!

Warning Sign Sky Cloud Cloudy

In spite of some incidents here and there, both iOS and OS X are mostly safe from malware. Obviously, that assumption only holds true assuming that users do not go out of their way to get into trouble by jailbreaking their devices and messing with cracked apps or software grabbed from shady places. It is common sense, really -- the security measures that Apple enforces can only go so far to protect users in uncontrolled environments. (The same thing can also be said in regards to Android and Windows, but that is a different story.) And if you need any more proof of just how important it is to stick to trusted sources, this is it.

In the past six months, hundreds of thousands of iOS and OS X users have been affected by the WireLurker malware family, according to security research firm Palo Alto Networks, after using Chinese third-party app store Maiyadi App Store to download OS X software. Go figure!

Continue reading

Backupify adds HIPAA compliance to enterprise security features

Cloud Security Lock

Cloud backups are all the rage at the moment, but they do raise security concerns, particularly for businesses that deal with sensitive information.

Cloud to cloud backup specialist Backupify has added some new features to its service to make it more secure. These include HIPAA (Health Insurance Portability and Accountability Act) compliance as well as new features for admins.

Continue reading

5 things your CIO needs to know about identity


When CIOs talk security they often use words like "firewall" and "antivirus." Here's why today's technology landscape needs a different vocabulary.

Modern businesses are more open than ever before, but that doesn't mean they are more secure. On the business side, companies are taking advantage of cloud computing by focusing on their internal competencies and outsourcing what they can to third-party vendors. On the consumer side, employees armed with devices are increasingly demanding flexible and frictionless access to data from anywhere.

Continue reading

© 1998-2014 BetaNews, Inc. All Rights Reserved. Privacy Policy.